<?php
/**
 * 
 * Plugin class used for authorization (access control) on the back-end
 * @see Zend_Controller_Plugin_Abstract
 * @package Plugin
 * @filesource library/Plugin/Acl.php
 * @author Windy
 * @version 0.1
 */
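class Plugin_Acl extends Zend_Controller_Plugin_Abstract{
	/**
	 * Enforce the back-end ACL before a request is dispatched.
	 *
	 * Requests outside the "admin" module pass through untouched. Inside it:
	 *  - a request without an authenticated identity is re-routed to user/login;
	 *  - an authenticated request is checked against the ACL built below and
	 *    re-routed to error/authorize unless it is explicitly allowed.
	 *
	 * Every uncertain case (identity without a usable role, role or resource
	 * that is not registered in the ACL) is treated as "denied".
	 *
	 * @param Zend_Controller_Request_Abstract $request request about to be dispatched
	 * @return void
	 */
	public function preDispatch(Zend_Controller_Request_Abstract $request){
		$acl = new Zend_Acl();

		// Roles. Hard-coded for now, to be made configurable later.
		// Inheritance chain: Guest <- '1' <- '0' <- '2'.
		// NOTE(review): '2' inherits from '0', which is granted everything
		// below, so '2' is unrestricted as well. Confirm that is intended.
		$acl->addRole('Guest');
		$acl->addRole('1', 'Guest');
		$acl->addRole('0', '1');
		$acl->addRole('2', '0');

		// Resources of the default (front) module.
		$acl->addResource('front');
		$acl->addResource('front_user','front');
		$acl->addResource('front_article','front');
		$acl->addResource('front_category','front');
		$acl->addResource('front_product','front');
		$acl->addResource('front_tag','front');
		$acl->addResource('front_error', 'front');

		// Resources of the admin module, one per controller ("admin_<controller>").
		$acl->addResource('admin');
		$acl->addResource('admin_article','admin');
		$acl->addResource('admin_page','admin');
		$acl->addResource('admin_user','admin');
		$acl->addResource('admin_category','admin');
		$acl->addResource('admin_product','admin');
		$acl->addResource('admin_pcategory','admin');
		$acl->addResource('admin_manufacturer','admin');
		$acl->addResource('admin_bill','admin');
		$acl->addResource('admin_filter','admin');
		$acl->addResource('admin_banner','admin');
		$acl->addResource('admin_tag','admin');
		$acl->addResource('admin_dashboard', 'admin');
		$acl->addResource('admin_supporter','admin');
		$acl->addResource('admin_menu', 'admin');
		$acl->addResource('admin_ajax', 'admin');
		$acl->addResource('admin_promotion', 'admin');

		// Grants. Zend_Acl denies whatever is not allowed here.
		$acl->allow('Guest', 'front');
		$acl->allow('1','admin_user', array('login','logout','changePass'));
		$acl->allow('1','admin_bill', array('list','view','delete'));
		$acl->allow('1','admin_promotion', array('index'));
		$acl->allow('0', null); // null resource: every resource, every privilege

		// Only the admin module is protected. The module name is compared
		// case-insensitively and strictly, so a differently-cased spelling
		// of "admin" cannot step around the check.
		$module = $request->getModuleName();
		if(strtolower((string) $module) !== 'admin'){
			return;
		}

		$auth = Zend_Auth::getInstance();
		if(!$auth->hasIdentity()){
			// Not logged in: send the visitor to the login form.
			$request->setControllerName('user');
			$request->setActionName('login');
			return;
		}

		$identity = $auth->getIdentity();
		$role = (is_object($identity) && isset($identity->role)) ? $identity->role : null;
		// Accept only role ids that can be looked up safely; normalise numeric
		// ids to the string form used by addRole() above.
		if(is_int($role) || is_string($role)){
			$role = (string) $role;
		}elseif(!($role instanceof Zend_Acl_Role_Interface)){
			$role = null;
		}

		$resource = 'admin_'.$request->getControllerName();
		$action = $request->getActionName();

		// Zend_Acl::isAllowed() throws for a role or resource that was never
		// registered. Instead of relying on how that exception is handled
		// further up the stack, check registration first and deny.
		$allowed = $role !== null
			&& $acl->hasRole($role)
			&& $acl->has($resource)
			&& $acl->isAllowed($role, $resource, $action);

		if(!$allowed){
			$request->setControllerName('error');
			$request->setActionName('authorize');
		}
	}
}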